import { Router } from 'express';
import { authController } from '../controllers/auth.controller';
import { authMiddleware } from '../middleware/auth.middleware';

const router = Router();

// 公开路由
router.post('/register', authController.register);
router.post('/login', authController.login);
router.post('/reset-password', authController.resetPassword);
router.post('/new-password', authController.setNewPassword);

// 受保护的路由
router.get('/me', authMiddleware.authenticate, (req, res) => {
  res.json(req.user);
});

// 更新密码路由
router.put('/users/me/password', authMiddleware.authenticate, authController.updatePassword);
router.put('/users/:userId/password', authMiddleware.authenticate, authMiddleware.requireAdmin, authController.updatePassword);

// 管理员路由
router.get('/users', authMiddleware.authenticate, authMiddleware.requireAdmin, authController.getUsers);
router.post('/users', authMiddleware.authenticate, authMiddleware.requireAdmin, authController.createUser);
router.delete('/users/:userId', authMiddleware.authenticate, authMiddleware.requireAdmin, authController.deleteUser);
router.get('/users/:userId/data', authMiddleware.authenticate, authMiddleware.requireAdmin, authController.getUserData);

export default router; 